pam_chauthtok.c revision 115619
1261320Sdes/*- 298937Sdes * Copyright (c) 2002-2003 Networks Associates Technology, Inc. 398937Sdes * All rights reserved. 498937Sdes * 598937Sdes * This software was developed for the FreeBSD Project by ThinkSec AS and 6180746Sdes * Network Associates Laboratories, the Security Research Division of 798937Sdes * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 898937Sdes * ("CBOSS"), as part of the DARPA CHATS research program. 998937Sdes * 1098937Sdes * Redistribution and use in source and binary forms, with or without 1198937Sdes * modification, are permitted provided that the following conditions 1298937Sdes * are met: 1398937Sdes * 1. Redistributions of source code must retain the above copyright 1498937Sdes * notice, this list of conditions and the following disclaimer. 1598937Sdes * 2. Redistributions in binary form must reproduce the above copyright 1698937Sdes * notice, this list of conditions and the following disclaimer in the 1798937Sdes * documentation and/or other materials provided with the distribution. 1898937Sdes * 3. The name of the author may not be used to endorse or promote 1998937Sdes * products derived from this software without specific prior written 2098937Sdes * permission. 2198937Sdes * 22255670Sdes * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 23261320Sdes * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 2498937Sdes * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 2598937Sdes * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 2698937Sdes * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 2798937Sdes * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 2898937Sdes * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 2998937Sdes * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 3098937Sdes * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 3198937Sdes * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 3298937Sdes * SUCH DAMAGE. 3398937Sdes * 3498937Sdes * $P4: //depot/projects/openpam/lib/pam_chauthtok.c#16 $ 3598937Sdes */ 3698937Sdes 37261320Sdes#include <sys/param.h> 38261320Sdes 39261320Sdes#include <security/pam_appl.h> 4098937Sdes 4198937Sdes#include "openpam_impl.h" 4298937Sdes 43261320Sdes/* 44261320Sdes * XSSO 4.2.1 45261320Sdes * XSSO 6 page 38 4698937Sdes * 4798937Sdes * Perform password related functions within the PAM framework 4898937Sdes */ 4998937Sdes 5098937Sdesint 51261320Sdespam_chauthtok(pam_handle_t *pamh, 52261320Sdes int flags) 53261320Sdes{ 5498937Sdes int r; 5598937Sdes 5698937Sdes ENTER(); 5798937Sdes if (flags & ~(PAM_SILENT|PAM_CHANGE_EXPIRED_AUTHTOK)) 5898937Sdes RETURNC(PAM_SYMBOL_ERR); 5998937Sdes r = openpam_dispatch(pamh, PAM_SM_CHAUTHTOK, 60261320Sdes flags | PAM_PRELIM_CHECK); 61261320Sdes if (r == PAM_SUCCESS) 62261320Sdes r = openpam_dispatch(pamh, PAM_SM_CHAUTHTOK, 6398937Sdes flags | PAM_UPDATE_AUTHTOK); 6498937Sdes pam_set_item(pamh, PAM_OLDAUTHTOK, NULL); 6598937Sdes pam_set_item(pamh, PAM_AUTHTOK, NULL); 66261320Sdes RETURNC(r); 67261320Sdes} 68261320Sdes 6998937Sdes/* 7098937Sdes * Error codes: 7198937Sdes * 7298937Sdes * =openpam_dispatch 7398937Sdes * =pam_sm_chauthtok 74261320Sdes * !PAM_IGNORE 75261320Sdes * PAM_SYMBOL_ERR 76261320Sdes */ 7798937Sdes 7898937Sdes/** 7998937Sdes * The =pam_chauthtok function attempts to change the authentication token 8098937Sdes * for the user associated with the pam context specified by the =pamh 8198937Sdes * argument. 82 * 83 * The =flags argument is the binary or of zero or more of the following 84 * values: 85 * 86 * =PAM_SILENT: 87 * Do not emit any messages. 88 * =PAM_CHANGE_EXPIRED_AUTHTOK: 89 * Change only those authentication tokens that have expired. 90 * 91 * If any other bits are set, =pam_chauthtok will return =PAM_SYMBOL_ERR. 92 */ 93